Adtran
Help
The Adtran community holiday season is starting next week! The holiday period will span from December 21, 2024 to January 6, 2025. During this time, responses to feedback form submissions may be delayed. If you are encountering product issues, you can reach out to Adtran support at any time.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
george_s
New Contributor
‎09-16-2013 11:01 AM

1638p standalone InterVLAN routing

Jump to solution

I have 2 1638P's at a single site. Both are on R10.9.0.HA OS. The switches are connected with fiber on xgigabit 1/1:

interface xgigabit-switchport 1/1

  description Tie to BLDG 2

  no shutdown

  switchport mode trunk

  switchport trunk allowed vlan 1,10

  qos trust cos

  speed auto

I have 2 VLANs:

interface vlan 1

  ip address  199.248.249.240  255.255.255.0 ( i know this is a public address, this is inherited and will eventually be changed)

  ip route-cache express

  no shutdown

!

interface vlan 10

  ip address  192.168.10.1  255.255.255.0

  ip route-cache express

  no shutdown

!

I want devices on VLANs to be able to communicate with each other, using the 1638P for routing between the VLANs.


Right now if I have PC's on gi 0/2 with an IP address of 199.248.249.210/24 and gi 0/3 with an IP address of 192.168.10.100/24, I cannot ping between the 2. Can you tell me what I am missing?


Here are the port configs:

interface gigabit-switchport 0/1

  description Router/Firewall Port

  spanning-tree edgeport

  no shutdown

  switchport mode trunk

  switchport trunk allowed vlan 1,10

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/2

  spanning-tree edgeport

  no shutdown

  qos trust cos

!

interface gigabit-switchport 0/3

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

Labels (1)
Labels
0 Kudos
Reply
1 Solution

Accepted Solutions
Anonymous
Not applicable
‎09-17-2013 12:05 PM

Re: 1638p standalone InterVLAN routing

Jump to solution

:

Thank you for asking this question in the support community.  Based on the configuration example you provided, it appears that gigabit-switchport 0/2 and 0/3 are both in VLAN 1 (the native VLAN) for the PCs.  Therefore, since one computer is configured in the VLAN 1 subnet, and the other is in the VLAN 10 subnet, but both of the switchports are configured for VLAN 1, this will not work.  When you get a chance, could you configure switchport 0/3 to be in VLAN 10, as follows, and try the connectivity tests again:

# configure terminal

(config)# interface gigabit-switchport 0/3

(config-giga-swx 0/3)# switchport access vlan 10

Also, I recommend the firewalls are disabled on the PCs during your testing.  Is the NV1638 acting as a Layer 3 switch with the global command ip route-cache express?

Please, do not hesitate to reply to this post with any questions or additional information.  I will be happy to help in any way I can.

Levi

View solution in original post

0 Kudos
Reply
4 Replies
Anonymous
Not applicable
‎09-17-2013 12:05 PM

Re: 1638p standalone InterVLAN routing

Jump to solution

:

Thank you for asking this question in the support community.  Based on the configuration example you provided, it appears that gigabit-switchport 0/2 and 0/3 are both in VLAN 1 (the native VLAN) for the PCs.  Therefore, since one computer is configured in the VLAN 1 subnet, and the other is in the VLAN 10 subnet, but both of the switchports are configured for VLAN 1, this will not work.  When you get a chance, could you configure switchport 0/3 to be in VLAN 10, as follows, and try the connectivity tests again:

# configure terminal

(config)# interface gigabit-switchport 0/3

(config-giga-swx 0/3)# switchport access vlan 10

Also, I recommend the firewalls are disabled on the PCs during your testing.  Is the NV1638 acting as a Layer 3 switch with the global command ip route-cache express?

Please, do not hesitate to reply to this post with any questions or additional information.  I will be happy to help in any way I can.

Levi

0 Kudos
Reply
george_s
New Contributor
‎09-17-2013 12:52 PM

Re: 1638p standalone InterVLAN routing

Jump to solution

Thanks for the reply Levi, I appreciate the assist!

Here is what I have done:

PC#1 Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :

     IPv4 Address. . . . . . . . . . . : 192.168.10.100

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . : 192.168.10.1

on switchport 3

PC#2

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :

     IPv4 Address. . . . . . . . . . . : 199.248.249.100

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . : 199.248.249.239

on switchport 2

I can ping the local gateways from each pc, but not the other pc

Here is the sho run with the changes:

BLDG_1#sho run

Building configuration...

!

!

! ADTRAN, Inc. OS version R10.9.0.HA

! Boot ROM version R10.3.0.SB

! Platform: NetVanta 1638P, part number 1700569F1

! Serial number LBADTN1330AC109

!

!

hostname "BLDG_1"

enable password encrypted 45417c969624fbb572faea17d3bf694b7d0b

!

clock timezone -6-Central-Time

clock no-auto-correct-DST

!

ip subnet-zero

ip classless

ip default-gateway 199.248.249.200

ip routing

domain-name "customer.com"

name-server 199.248.249.219 199.248.249.120

!

!

ip route-cache express

!

no auto-config

!

event-history on

no logging forwarding

no logging email

!

service password-encryption

!

username "admin" password encrypted "2921684f70c8e5f65910e17ad71b507967cd"

username "customer" password encrypted "3632860a05f03c30d946651decec5e91b7ef"

username "vendor" password encrypted "464e740d5eea99e0046f3e3b8fe320bf9b29"

!

banner motd 1

NO UNAUTHORIZED ACCESS!!! 1

!

!

!

no dot11ap access-point-control

no dos-protection

no desktop-auditing dhcp

no network-forensics ip dhcp

!

!

!

qos queue-type strict-priority

!

qos dscp-cos 46 to 5

! DSCP to CoS mapping only operates on ports that have 'qos trust cos' applied

!

!

!

vlan 1

  name "Default"

!

vlan 10

  name "Voice_VLAN"

!

interface eth 0/1

  no ip address

  shutdown

!

!

interface gigabit-switchport 0/1

  description To FIREWALL/ROUTER

  spanning-tree edgeport

  no shutdown

  switchport mode trunk

  switchport trunk allowed vlan 1,10

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/2

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/3

  spanning-tree edgeport

  no shutdown

  switchport access vlan 10

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/4

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

!

interface gigabit-switchport 0/47

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/48

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

!

interface xgigabit-switchport 1/1

  description BLDG2 TRUNK

  no shutdown

  switchport mode trunk

  switchport trunk allowed vlan 1,10

  qos trust cos

  speed auto

!

interface xgigabit-switchport 1/2

  no shutdown

  switchport mode access

  speed auto

!

!

!

interface vlan 1

  ip address  199.248.249.239  255.255.255.0

  ip route-cache express

  no shutdown

!

interface vlan 10

  ip address  192.168.10.1  255.255.255.0

  ip route-cache express

  no shutdown

!

!

no tftp server

no tftp server overwrite

http server

http secure-server

no snmp agent

no ip ftp server

ip ftp server default-filesystem flash

no ip scp server

no ip sntp server

!

!

line con 0

  login local-userlist

  password encrypted 2622805029c6d744b272afd26cef4452f21a

!

line telnet 0 4

  login local-userlist

  password encrypted 32364d4c499a28f5792d01841d942bd166fe

  no shutdown

line ssh 0 4

  login local-userlist

  no shutdown

!

!

!

!

end

BLDG_1#

0 Kudos
Accept as Solution Reply
Anonymous
Not applicable
‎09-17-2013 01:36 PM

Re: 1638p standalone InterVLAN routing

Jump to solution

:

Thank you for replying with this information.  Is the firewall disabled on both PCs?  Can PC#1 (which is in VLAN 10) ping the VLAN 1 interface?  Can PC#2 (which is in VLAN 1) ping the VLAN 10 interface?  What happens on a tracert from PC1 to PC2 and vice-versa?

Levi

0 Kudos
Accept as Solution Reply
george_s
New Contributor
‎09-17-2013 03:36 PM

Re: 1638p standalone InterVLAN routing

Jump to solution

Hi Levi:

I had firewall issues on one of the machines, in that even with the service disabled it would not respond to pings. I swapped machines and all is good

  • From PC#1 VLAN10, I can ping 192.168.10.1, 199.248.249.239, and 199.248.249.100
  • From PC#1 tracert is good to the machine
  • From PC#2 VLAN1, I can ping 199.248.249.239, 192.168.10.1 and 192.168.10.100
  • From PC#2 tracert is goo to the machine
  • From the console port, I can ping both gateways, and machines

So your original diagnosis was good, and I am now able to route between VLANs. Thanks again for taking the time to help me out

0 Kudos
Accept as Solution Reply